Cyber threats top the list of military, intelligence concerns

By Amber Corrin

Mar 12, 2013

Government officials across Washington this week are agreeing that threats to cyber assets pose one of the biggest risks to national security, according to high-level Defense Department and intelligence community officials.

In a March 12 Senate Armed Services Committee hearing, Gen. Keith Alexander, commander of U.S. Cyber Command and director of the National Security Agency, warned lawmakers that cyber attacks from a growing "roster of actors" threaten U.S. interests now and in the future. His testimony came on the same day as the director of national intelligence released a report citing cyber as the chief concern in an annual report on top global threats.

Alexander continued his calls on Congress to pass legislation to complement the administration's executive order, reiterating the need for real-time information to better be shared between the government and private critical infrastructure operators. He also said laws are necessary to establish a clear chain of command when it comes to government response to cyber attacks.

"It takes a team to operate in cyberspace," Alexander said. "But at times I think in talking about the team approach, we're not clear on who's in charge when."

To that end, the commander did note that work is ongoing in mapping out rules of engagement for military operations in cyberspace. That work is being done in addition to ramped up recruiting, training and the creation of mission teams that will defend the U.S. against national-level cyber threats and operate in cyberspace. The teams will include 13 teams focused on conducting offense and 27 teams to help combatant commands with offensive planning.

Related

Alexander said the first one-third of those teams will stand up by September of this year, the second one-third next September and the final third a year from that.

Kehler said that at STRATCOM, efforts are under way to collaborate with CYBERCOM and prepare for cyber operations, but much remains to be done – and both generals agreed that sequestration poses readiness concerns for those preparations.

"In general terms...we need to be better at exercising against threats," Kehler said, adding that working with Alexander and his command, as well as red-teaming exercises, is part of the ongoing process. "We have a ways to go before we can put the punctuation mark at the end of the sentence."

The generals' comments come just as Director of National Intelligence James Clapper released his office's Worldwide Threat Assessment. This year's assessment marks a shift for the annual report, in which the most critical concerns center on cyber threats rather than the traditional dangers associated with physical warfare.

"Threats are more diverse, interconnected, and viral than at any time in history," Clapper wrote in the introduction to the assessment. "Attacks, which might involve cyber and financial weapons, can be deniable and unattributable. Destruction can be invisible, latent and progressive."

The report cites as top dangers cyber espionage and other crime, critical infrastructure threats, information control and governance, and erosion of U.S. security and economy due to the penetration of foreign actors into American networks.

The assessment goes on to note the shifting nature of global security risks – and what that means for the future as digital and physical domains continue to become inextricably linked.

"The growing use of cyber capabilities to achieve strategic goals is also outpacing the development of a shared understanding of norms of behavior, increasing the chances for miscalculations and misunderstandings that could lead to unintended escalation," the report stated. "In response to the trends and events that happen in cyberspace, the choices we and other actors make in coming years will shape cyberspace for decades to come, with potentially profound implications for U.S. economic and national security."

Reader comments

Wed, Mar 13, 2013

Frankly in my opinion, I would tell DoD to do its homework, and stop the wolf tickets. From my experience, education, and enthusiasm for this functional area it is another attempt by the DoD to keep dollars for obsolete programs and systems at the expense of Cyber Security. From what I see the DoD sector participates in very little information sharing with other Critical Infrastructures, very little of its personnel (military and civilian) are educated and trained in the functions of cyber security, information assurance, and financial management.

Again my opinion, the legislative branch of government should go back and ask U.S. Strategic Command and its subordinate command U.S. Cyber Command were these concerns presented as part of your Integrated Priority List for funding in the recent Program Objective Memorandum (POM)? Hmmm what priority did you give these Cybersecurity missions?

I believe DoD is taking away from other Critical Infrastructures, ie, Energy, and Higher Education both major, major, players in global products in the world, so really DoD, do your analysis and then let’s talk.

Please post your comments here. Comments are moderated, so they may not appear immediately
after submitting. We will not post comments that we consider abusive or off-topic.